Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
EUVDB-ID: #VU9393
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5712
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote administrator to execute arbitrary code on the target system.
The weakness exists due to buffer overflow in Active Management Technology (AMT). A remote attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
Workarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9390
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5705
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to multiple buffer overflows in kernel. A local attacker can send a specially crafted request, trigger memory corruption, execute arbitrary code and compromise the vulnerable system.
Workarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9388
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5706
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to multiple buffer overflows in kernel. A local attacker can send a specially crafted request, trigger memory corruption, execute arbitrary code an compromise the vulnerable system.
Workarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10809
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5707
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges.
The vulnerability exists due to multiple buffer overflows in kernel. A local attacker can execute arbitrary code with elevated privileges.
MitigationWorkarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9392
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5711
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
Workarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9391
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5708
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
Workarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9389
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5709
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to unknown error. A local attacker can send a specially crafted request,gain elevated privileges and access privileged content.
Workarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10808
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-5710
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to multiple privilege escalations in kernel. A remote attacker can run unauthorized process to access privileged content via unspecified vector.
MitigationWorkarounds are available on vendor's website.
Vulnerable software versionsSIMOTION P320-4S: All versions
SINUMERIK PCU50.5-P: All versions
WINXP: All versions
WIN7: All versions
SINUMERIK PCU50.5-C: All versions
SIMATIC ITP1000: All versions
SIMATIC IPC847D: All versions
SIMATIC IPC847C: All versions
SIMATIC IPC827D: All versions
SIMATIC IPC827C: All versions
SIMATIC IPC677D: All versions
SIMATIC IPC647D: All versions
SIMATIC IPC647C: All versions
SIMATIC IPC627D: All versions
SIMATIC IPC627C: All versions
SIMATIC IPC547G: All versions
SIMATIC IPC547E: All versions
SIMATIC IPC547D: All versions
SIMATIC IPC477E: All versions
SIMATIC IPC477D PRO: All versions
SIMATIC IPC477D: All versions
SIMATIC IPC427E: All versions
SIMATIC IPC427D: All versions
SIMATIC HMI IPC677C: All versions
SIMATIC Field-PG M5: All versions
SIMATIC Field-PG M4: All versions
SIMATIC Field-PG M3: All versions
CPE2.3http://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.